Step 3 – Create a new VPN Policy
Advanced Users
You can turn on Perfect Forward Secrecy (PFS) later, if you wish. The setting on the device must
match the setting in VPN Tracker (Advanced > Phase 2 > Perfect Forward Secrecy).
‣ Go to VPN > VPN Policies
‣ Click "Add Auto Policy"
‣ VPN Policy Name: Enter a name for the VPN Policy
You can use the same name you used for the IKE policy.
‣ IKE Policy: Select the IKE Policy you have just created
‣ Remote VPN Endpoint: Select "Fully Qualified Domain
Name", and enter the same identifier here that you used
➌
as the Remote Identity
‣ SA Life Time: 3600 seconds / 0 Kbytes
‣ IPsec PFS: Keep IPsec PFS turned off
‣ PFS Key Group: Keep the selected "Group 1 (768 Bit)"
12
➌
in the IKE policy
➑
.